Lucene search

[email protected]CVE-2007-0020

HistoryJan 24, 2007 - 1:28 a.m.

CVE-2007-0020

2007-01-2401:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0020

panic transmit

sftp

buffer overflow

remote code execution

url

security vulnerability

8.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.233 Low

EPSS

Percentile

96.5%

JSON

Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL.

CPENameOperatorVersion
panic_transmit:panic_transmitpanic transmitle3.5.5

CPE	Name	Operator	Version
panic_transmit:panic_transmit	panic transmit	le	3.5.5

References

osvdb.org/32694

projects.info-pull.com/moab/MOAB-19-01-2007.html

secunia.com/advisories/23861

www.securityfocus.com/bid/22145

www.vupen.com/english/advisories/2007/0273

exchange.xforce.ibmcloud.com/vulnerabilities/31673

www.exploit-db.com/exploits/3160

8.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.233 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-0020

prion1 securityvulns1